-3

The question is more generally from a constructive point and realization but I'd be grateful for example or link with example (not only theory).

The idea is as follows:

  1. Everything should be done locally.
  2. Any library whatsoever is allowed but whole program should be portable, and so omit fancy things that aren't portable.
  3. Platform - Win7+
  4. Completely no size limits.
  5. The safer - the better.
  6. WPF.

Don't ask why, all of the above^ is a must and point.

Now closer to the point itself. So the program workflow and data management should look ~like:

  • User starts obfuscated, single instance, etc. (you can omit this in your example) WPF exe.
  • User selects the file (if already exists it will be overwritten on save, if not then it will be created on save)(you can omit this one as well).
  • Now user provides all of the data needed by encryption (e.g. for AES - key and IV)(encryption is UP for a discussion - let me know which one you think will suit me more and why, after reading whole wall of text of course, thanks) and press to proceed and read the encrypted data from file (if file was selected).

Before going any further you'll need to understand the structure of data.(Note: data representation and holder,serialization etc. is UP for discussion but not the structure itself) For better visualization I'll show the concept on the Dictionary:

Dictionary<Tuple<string, string, string>, Dictionary<string, string>>
  • So the Tuple values are like three equally important strings which should be loaded all at once from file (I know that things I'm going to talk about further are not exactly how they work, but as I've already said that^ Dictionary is just for the visualization and ease of explanation, data management is UP for suggestions).
  • User will be granted with 3 search textboxes and he should be able to search through any of those 3 or all at once and view the results in a form of a table/list (I know, I know that for now dataset looks like the thing to go, but I wouldn't ask your help if everything was so simple). At this point the user should be able to create new KeyValue pair for that^ dictionary and save the result back so that it will be decrypted and file appended/overwritten or written if new.
  • Now when user is happy with result he can select the thing he needs and proceed - now for that selected Key all Value's Keys are loaded from encrypted file but its respective Values aren't. All those Keys are represented in some sort of a list.

  • Now once again user can scroll through it select the Key and press one of 4 buttons:

    1. Delete - removes Key and Value but remain the Tuple.

    2. Copy - just loads the respective Value from file and puts it in clipboard.

    3. Edit - loads the respective Value and allows to edit both Key and Value.

    4. New - create new KeyValue pair.

  • At any given time user can press save and it saves current state to encrypted file. Or save as to the other file(so in this case instead of fetching all values it should copy that file and modify it).

  • User can go back and forth adding and modifying values.
  • When user is happy with result he closes app and yay wall of text ended.

And also should I store all loaded values in a secure strings or there is something better? (so that it can't be read from memory by some third party program, I have developed in past some sort of security preventing calls to app or injections but still - secure string or something else?).

Thanks to all who'll read up to this part anyway. If you have any questions or didn't understood some part of my question - let me know, I'll try to elaborate or explain it better, thanks again.

Edit 1: Okay Alex I'll try to make tl/dr for you:

Part 1 - what way should I partially decrypt then deserialize some chunk of Data from file and then on need fetch the other values from file and on need save changes/additions back. Recommend anything.

Part 2 - best way to protect loaded data in memory from third party apps.

marc_s
  • 732,580
  • 175
  • 1,330
  • 1,459
ptrs
  • 1
  • 2
  • Are you hiring a software engineer? – adamdc78 Apr 29 '15 at 00:53
  • If you want I can develop it for 20$/hour XD. – Gusman Apr 29 '15 at 00:55
  • Nope I'm not hiring any new devs, at least at this point of time )) – ptrs Apr 29 '15 at 01:01
  • 1
    Please [edit] your post so that it at least resembles a question. Please refer to [How do I ask a good question](http://stackoverflow.com/help/how-to-ask), [What topics can I ask about here?](http://stackoverflow.com/help/on-topic) and [What types of questions should I avoid asking?](http://stackoverflow.com/help/dont-ask). Currently your question is (1) too broad (2) unclear and (3) asking for opinions. All of these are reasons to vote for closing your question. – Alex Apr 29 '15 at 01:05
  • I belive @ptrs doesn't have very clear the "sarcasm" concept... – Gusman Apr 29 '15 at 01:05
  • @Gusman well I haven't asked anyone to write whole program for me but a help with idea or even a link to example (maybe someone has dealt with something similar, I just couldn't find anything similar on the web that's why I'm asking for help here), if the question is too difficult for you then just pass through. Without partial-fetching I can do whole thing right now. – ptrs Apr 29 '15 at 01:24
  • As Alex said, that questions is not a question for StackOverflow. If you are asking all of this then you have barely no knowledge of C# nor programming and it will be a pain to explain anything to you, so, hire a real programmer. – Gusman Apr 29 '15 at 01:26

1 Answers1

0

As I can understand, based on the comments and downvotes, this community welcomes only "plain dead simple" questions (like my previous one) but not constructive and complicated ones. So I'm definitely migrating to some more difficulty-friendly community.

I'll leave 2 solutions (that I've think of) to my problem just for the ones that might be looking for the same problem in the future:

1) Splitting all data to chunks and writing/reading it to plain text/binary file using custom specifically created writer for this purpose that will write Tuples in a separate place with demarcation of borders and all their values to the other part of file with respective positions saved for each Tuple. It's going to be complicated but that's the closest thing I could come up with.

2)If the first one will get too complicated with addition of new values and moving positions of chunks then I'll just encrypt each string separately and then encrypt whole serialized data to the file so that I can load it and then on need decrypt the needed strings.

As for the strings in memory - I might also just encrypt them.

If anyone will post a better solution I'll accept it instead (will check tomorrow, if nothing will be posted till then - then I guess I won't check anymore, so any moderator should feel free to accept any better answer than this one). I may come up with some other idea but I'm surely not gonna update this answer anymore.

Edit: can't even accept my answer for few days, so I'll just leave it like that.

ptrs
  • 1
  • 2